Role Overview
We are seeking a detail-oriented, analytical, and risk-aware IT Auditor to evaluate the effectiveness of our information technology controls, security systems, and data management processes. In this role, you will be responsible for conducting comprehensive audits, identifying potential vulnerabilities, and ensuring compliance with industry standards and regulatory requirements. If you possess a sharp eye for detail, a deep understanding of IT governance frameworks, and the ability to bridge the gap between technical infrastructure and business risk, this is an outstanding opportunity to strengthen our internal controls and support our long-term digital integrity.

Key Responsibilities
Audit Planning: Develop and execute risk-based IT audit plans, defining scope, objectives, and methodologies to assess IT systems and processes.

Controls Assessment: Evaluate the design and operational effectiveness of IT general controls (ITGCs), including access management, change management, and backup/recovery procedures.

Compliance Monitoring: Ensure alignment with regulatory requirements and industry frameworks such as ISO 27001, SOC2, HIPAA, or SOX, depending on organizational needs.

Vulnerability Identification: Proactively identify technical, operational, and security weaknesses, documenting findings and providing actionable recommendations to management.

Risk Reporting: Prepare clear, concise, and professional audit reports highlighting key risks, management responses, and remediation timelines.

Stakeholder Collaboration: Work closely with IT teams, management, and internal/external auditors to communicate findings, validate evidence, and track the progress of audit recommendations.

Continuous Improvement: Stay updated on emerging technologies, cyber threats, and regulatory shifts to refine audit programs and enhance organizational resilience.

Requirements & Qualifications
Education: Bachelor’s degree in Information Systems, Accounting, Finance, or a related field; professional certifications such as CISA (Certified Information Systems Auditor), CISSP, or CISM are highly preferred.

Experience: 3–5+ years of experience in IT auditing, internal/external audit, or IT risk management.

Technical Skills:

Strong knowledge of IT governance frameworks (COBIT, NIST, ITIL).

Proficiency in auditing core systems including Cloud infrastructure (AWS/Azure/GCP), ERP systems, and Database Management Systems.

Experience with data analysis tools (e.g., ACL, IDEA, SQL, Excel) to perform audit testing on large datasets.

Deep understanding of information security principles, data privacy, and disaster recovery planning.

Personal Attributes:

High degree of professional skepticism and uncompromising integrity.

Exceptional report-writing and verbal communication skills, with the ability to convey complex technical risks to non-technical stakeholders.

Strong analytical, critical thinking, and project management capabilities.

Highly organized with the ability to manage multiple audit engagements simultaneously under strict deadlines.

Share

Comments